The Application Security Podcast

Steve Springett -- Software and System Transparency

Aug 29, 2024
Steve Springett, an expert in secure software development and key figure in multiple OWASP projects, shares insights on CycloneDX and the importance of software transparency. He discusses the evolving landscape of Software Bills of Materials (SBOMs) and their critical role in security and inventory management. Steve also reflects on personal interests outside of tech, such as automotive modifications and Formula One. His humorous anecdotes and deep knowledge blend seamlessly, making for an engaging and informative conversation.
ANECDOTE

Steve's Hands-On Car Hobby

  • Steve Springett enjoys mechanical car modifications, especially on his Alfa Romeo Giulia.
  • He also values craftsmanship in mechanical watches despite their outdated technology.
INSIGHT

BOMs Critical for Software Security

  • Bills of Materials (BOMs) in software are essential inventory: you have to know what you have before you can protect it.
  • The software industry is adopting BOMs out of breach fatigue caused by vulnerabilities in open source components.
ADVICE

Use BOMs Continually and Widely

  • Generate and maintain BOMs as an ongoing process, not a one-time event.
  • Use them to improve accuracy beyond what SCA tools alone provide, and to support procurement and legal teams.